Attackers exploiting a patched FortiClient EMS vulnerability in the wild

Kaspersky’s GERT experts describe an incident with initial access to enterprise infrastructures through a FortiClient EMS vulnerability that allowed SQL injections.

Protecting your digital assets from non-human identity attacks

Untethered data accessibility and workflow automation are now foundational elements of most digital infrastructures. With the right applications and protocols in place, businesses no longer need to feel restricted by their lack of manpower or technical capabilities — machines are now filling those gaps. The use of non-human identities (NHIs) to power business-critical applications — […]

The post Protecting your digital assets from non-human identity attacks appeared first on Security Intelligence.

Updated MATA attacks industrial companies in Eastern Europe

In early September 2022, we discovered several new malware samples belonging to the MATA cluster. The campaign had been launched in mid-August 2022 and targeted over a dozen corporations in Eastern Europe from the oil and gas sector and defense industry.

“Authorized” to break in: Adversaries use valid credentials to compromise cloud environments

Overprivileged plaintext credentials left on display in 33% of X-Force adversary simulations. Adversaries are constantly seeking to improve their productivity margins, but new data from IBM X-Force suggests they aren’t exclusively leaning on sophistication to do so. Simple yet reliable tactics that offer ease of use and often direct access to privileged environments are still […]

The post “Authorized” to break in: Adversaries use valid credentials to compromise cloud environments appeared first on Security Intelligence.

Email crypto phishing scams: stealing from hot and cold crypto wallets

Here is how email phishing scams targeting hot and cold crypto wallets, such as Trezor and Ledger, work.

Detection Methods: Do You Know Where Your Credentials are?

Information-stealing malware has become extremely pervasive in recent years. This malware harvests millions of credentials annually from endpoint devices and enterprises across the globe to devastating effects. Using highly automated and orchestrated attack methods, threat actors and initial access brokers provide an endless supply of compromised credentials to cyber criminal syndicates who use those credentials […]

The post Detection Methods: Do You Know Where Your Credentials are? appeared first on Security Intelligence.

Overview of Google Play threats sold on the dark web

Kaspersky research into dark web offers related to Android malware and its distribution via Google Play: hacked app developer accounts, malicious loaders, etc.

Will Charging Station Cyberattacks Impact the EV Boom?

During a recent get-together, my friend arrived late. She apologized, quickly explaining that she’d had trouble finding a charging station for her electric vehicle (EV). While she knew where the stations in her hometown were, she couldn’t easily find them on the road. This piqued my curiosity, and I began asking her questions about EVs […]

The post Will Charging Station Cyberattacks Impact the EV Boom? appeared first on Security Intelligence.

Detecting the Undetected: The Risk to Your Info

IBM’s Advanced Threat Detection and Response Team (ATDR) has seen an increase in the malware family known as information stealers in the wild over the past year. Info stealers are malware with the capability of scanning for and exfiltrating data and credentials from your device. When executed, they begin scanning for and copying various directories […]

The post Detecting the Undetected: The Risk to Your Info appeared first on Security Intelligence.
